Re: [Nolug] bcm43xx-fwcutter

From: Katrina Niolet <kniolet_at_ildiinc.com>
Date: Tue, 17 Apr 2007 14:20:31 +0000
Message-ID: <779649217-1176819616-cardhu_blackberry.rim.net-54120620-@bxe050-cell01.bisx.prod.on.blackberry>

IMHO if a defense-in-depth approach is used, a wifi connection using wep isn't that bad. For instance if the steps of reading your email are:
1 Crack wep (easy)
2 crack the TLS connection between your email client and server (very hard)
3 crack the aes encrypted email (more or less impossible)

You would still be pretty darn safe. You just have to make sure your email server and clients are using ssl or tls, your intranet uses ssl, etc. Then the wifi encryption becomes somewhat of a non-issue. (although having it as another layer isn't a bad idea)

--sent from my BlackBerry 8100--
Katrina Niolet
kniolet@ildiinc.com

  

-----Original Message-----
From: "Joey Kelly" <joey@joeykelly.net>
Date: Tue, 17 Apr 2007 08:49:50
To:nolug@nolug.org
Subject: Re: [Nolug] bcm43xx-fwcutter

> > I dispute this. WEP is terminally broken, period. When you can crack 64-bit
> > WEP in under 3 minutes, do you think a key only twice as long will keep you
> > safe?
>
> Are you implying that a 128 bit key will only take 6 minutes? I am
> pretty sure that the difficulty in cracking WEP keys increases
> exponentially using the similar methods as your key length gets
> longer.

Actually, I was wrong. A 128-bit key (104 bits + 24 bit initialization
vector) can be cracked in under one minute:

http://eprint.iacr.org/2007/120

http://www.enterprisenetworkingplanet.com/netsecur/article.php/3670961

--
Joey Kelly
< Minister of the Gospel | Linux Consultant >
http://joeykelly.net

(sent via gmail.com, no GPG signature)
___________________
Nolug mailing list
nolug@nolug.org
6‰n‚f¢–)à–+-ž‰n‚z%º
+
Received on 04/17/07

This archive was generated by hypermail 2.2.0 : 12/19/08 EST